package cn.chiship.framework.common.util;

import cn.chiship.sdk.cache.vo.CacheRoleVo;
import cn.chiship.sdk.cache.vo.CacheUserVO;
import cn.chiship.sdk.core.annotation.RequiredPermissions;
import cn.chiship.sdk.core.annotation.RequiredRoles;
import cn.chiship.sdk.core.enums.PermissionsEnum;
import cn.chiship.sdk.core.exception.custom.BusinessException;
import cn.chiship.sdk.core.exception.custom.PermissionsException;
import com.alibaba.fastjson.JSON;
import cn.chiship.sdk.cache.service.UserCacheService;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

/**
 * @author lijian
 * 权限校验
 */
public class UserPermissionsUtil {
    public static boolean checkOption(Method method, UserCacheService userCacheService, HttpServletRequest request){
        if (method.getAnnotation(RequiredPermissions.class) != null || method.getAnnotation(RequiredRoles.class) != null) {
            if (userCacheService==null){
                throw new BusinessException("无法获得【userCacheService】");
            }
            CacheUserVO userVO=userCacheService.getUser();
            if (userVO==null){
                throw new BusinessException("Token失效?");
            }
            /**
             * 获得权限
             */
            List<String> perms=userVO.getPerms();
            if (method.getAnnotation(RequiredPermissions.class) != null){
                RequiredPermissions requiredPermissions=method.getAnnotation(RequiredPermissions.class);
                String [] permsValue=requiredPermissions.value();
                if (permsValue.length==0){
                    throw new PermissionsException("请配置所需要权限!");
                }
                if (requiredPermissions.logical().equals(PermissionsEnum.AND)){
                    if (!perms.containsAll(Arrays.asList(permsValue))){
                        throw new PermissionsException("接口【"+request.getRequestURI()+"】必须"+ JSON.toJSONString(requiredPermissions.value())+"拥有权限!");
                    }
                }else{
                    Integer count=0;
                    for (String permValue:permsValue){
                        if (perms.contains(permValue)){
                            count++;
                        }
                    }
                    if (count==0){
                        throw new PermissionsException("接口【"+request.getRequestURI()+"】至少"+JSON.toJSONString(requiredPermissions.value())+"拥有其中一种权限!");
                    }
                }
            }
            /**
             * 获得角色
             */
            List<String> roles=new ArrayList<>();
            for (CacheRoleVo roleVo:userVO.getCacheRoleVos()){
                roles.add(roleVo.getRoleCode());
            }
            if (method.getAnnotation(RequiredRoles.class) != null){
                RequiredRoles requiredRoles=method.getAnnotation(RequiredRoles.class);
                String [] rolesValue=requiredRoles.value();
                if (rolesValue.length==0){
                    throw new PermissionsException("请配置所需要角色!");
                }
                if (requiredRoles.logical().equals(PermissionsEnum.AND)){
                    if (!roles.containsAll(Arrays.asList(requiredRoles))){
                        throw new PermissionsException("接口【"+request.getRequestURI()+"】必须"+JSON.toJSONString(requiredRoles.value())+"拥有角色!");
                    }
                }else{
                    Integer count=0;
                    for (String roleValue:rolesValue){
                        if (roles.contains(roleValue)){
                            count++;
                        }
                    }
                    if (count==0){
                        throw new PermissionsException("接口【"+request.getRequestURI()+"】至少"+JSON.toJSONString(requiredRoles.value())+"拥有其中一种角色!");
                    }
                }
            }



        }
        return  true;
    }
}
